Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38AD9280C62211EF8207E67A762E951A.roa
File: 38AD9280C62211EF8207E67A762E951A.roa (raw, json)
Hash identifier: lPM+32kaEZDfIaCAVcMprxEz5t/edNZ2PO1OWqsbpkk=
Subject key identifier: 77:3F:85:69:07:58:86:45:E0:F6:61:F5:D7:B0:63:CF:2F:2B:46:CF
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 012F76
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38AD9280C62211EF8207E67A762E951A.roa
Signing time: Sun 29 Dec 2024 20:19:35 +0000
ROA not before: Sun 29 Dec 2024 20:19:32 +0000
ROA not after: Sun 12 Dec 2027 20:19:32 +0000
asID: 17561
IP address blocks: 154.217.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Apr 2025 00:06:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77686 (0x12f76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Dec 29 20:19:32 2024 GMT
Not After : Dec 12 20:19:32 2027 GMT
Subject: CN=6771aed7-ac3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2a:94:e0:76:28:08:46:4d:8f:2c:5d:b6:49:
77:e8:22:d7:d7:2a:35:ed:63:34:06:e8:42:33:62:
b0:95:1c:f6:e3:e1:7c:22:45:f1:31:79:a0:50:1e:
8d:c8:00:77:04:e7:6f:5f:69:de:aa:15:93:bd:b4:
4a:08:c8:2b:6c:88:0c:43:97:74:f0:a8:be:5e:44:
aa:1a:f0:cd:12:d5:c6:41:b3:b1:31:91:1d:c6:34:
90:79:34:16:c0:b9:68:98:d9:93:3b:94:9f:ae:90:
89:82:30:41:ea:62:8b:90:28:d0:2f:c0:d3:c0:14:
6a:6b:f3:3b:22:1b:70:09:1a:0e:d0:c2:a7:25:40:
66:17:42:3e:74:ed:2b:58:de:f6:9f:67:1c:32:12:
ac:5c:cf:b0:16:41:f3:f6:d1:43:9a:8a:66:57:99:
f9:93:d2:91:e1:73:28:d6:03:2c:a6:d0:16:55:2a:
50:9a:f6:da:1a:b0:27:aa:a4:13:bb:47:b7:d7:17:
58:7b:5e:81:f4:f4:5c:fd:a5:98:01:d6:b7:be:14:
d5:a8:a7:5b:1c:7c:14:54:4d:4a:f2:4d:77:a9:03:
b7:df:c5:c4:f3:f4:67:59:d1:a4:82:90:6e:39:83:
6f:0f:33:7d:ed:b7:db:dc:b3:0d:24:d5:a0:27:78:
eb:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3F:85:69:07:58:86:45:E0:F6:61:F5:D7:B0:63:CF:2F:2B:46:CF
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/38AD9280C62211EF8207E67A762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.217.158.0/24
Signature Algorithm: sha256WithRSAEncryption
48:e0:bb:34:8a:9f:e0:f1:15:94:e4:14:7b:6b:7d:c2:01:89:
5e:f8:a9:96:a7:44:0d:91:10:ed:c6:d1:01:4f:1d:e1:d8:67:
94:2c:93:21:69:b0:60:44:82:66:46:3f:64:ca:d2:ef:61:26:
19:f2:6d:e6:e3:4f:01:e8:1c:7e:81:00:54:94:da:0b:31:ea:
8b:b5:54:03:cf:05:91:2b:09:ea:d8:49:77:c6:43:7d:5a:6a:
46:3c:41:88:d2:7f:9a:07:98:23:a4:3d:ac:64:f7:ae:06:a2:
e0:ca:25:f4:f9:8c:b6:30:d1:7d:41:62:ce:17:ac:25:c8:16:
b4:18:57:7b:59:c0:53:e8:39:29:4f:90:d0:40:ca:0e:2a:a6:
01:70:0b:08:b5:87:90:80:bb:39:17:dc:4f:8a:b1:f3:c4:bc:
a5:0d:75:29:a6:c2:f6:c5:aa:05:6c:04:23:2a:05:31:12:a1:
d6:f7:cc:4c:e4:01:53:12:22:09:de:b8:31:90:1c:da:d0:2a:
92:31:84:ff:08:99:60:88:31:fb:dc:22:c1:fd:22:b5:fc:cb:
a1:52:5d:81:61:c0:e3:ef:21:f8:4f:c1:2a:f6:97:00:e2:23:
c9:52:af:52:b8:0b:76:90:55:94:dd:c5:1e:bc:5a:0a:6b:be:
34:f2:48:cc
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAS92MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjQxMjI5MjAxOTMyWhcNMjcxMjEyMjAxOTMyWjAYMRYw
FAYDVQQDEw02NzcxYWVkNy1hYzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwyqU4HYoCEZNjyxdtkl36CLX1yo17WM0BuhCM2KwlRz24+F8IkXxMXmg
UB6NyAB3BOdvX2neqhWTvbRKCMgrbIgMQ5d08Ki+XkSqGvDNEtXGQbOxMZEdxjSQ
eTQWwLlomNmTO5SfrpCJgjBB6mKLkCjQL8DTwBRqa/M7IhtwCRoO0MKnJUBmF0I+
dO0rWN72n2ccMhKsXM+wFkHz9tFDmopmV5n5k9KR4XMo1gMsptAWVSpQmvbaGrAn
qqQTu0e31xdYe16B9PRc/aWYAda3vhTVqKdbHHwUVE1K8k13qQO338XE8/RnWdGk
gpBuOYNvDzN97bfb3LMNJNWgJ3jrGQIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFHc/
hWkHWIZF4PZh9dewY88vK0bPMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC8zOEFEOTI4MEM2MjIxMUVGODIwN0U2N0E3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmtmeMA0GCSqGSIb3DQEB
CwUAA4IBAQBI4Ls0ip/g8RWU5BR7a33CAYle+KmWp0QNkRDtxtEBTx3h2GeULJMh
abBgRIJmRj9kytLvYSYZ8m3m408B6Bx+gQBUlNoLMeqLtVQDzwWRKwnq2El3xkN9
WmpGPEGI0n+aB5gjpD2sZPeuBqLgyiX0+Yy2MNF9QWLOF6wlyBa0GFd7WcBT6Dkp
T5DQQMoOKqYBcAsItYeQgLs5F9xPirHzxLylDXUppsL2xaoFbAQjKgUxEqHW98xM
5AFTEiIJ3rgxkBza0CqSMYT/CJlgiDH73CLB/SK1/MuhUl2BYcDj7yH4T8Eq9pcA
4iPJUq9SuAt2kFWU3cUevFoKa7408kjM
-----END CERTIFICATE-----
Generated at Fri Apr 4 11:08:55 2025 by rpki-client